Add securityContext #2571
Add securityContext #2571
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
Hi @obeyler. Thanks for your PR. I'm waiting for a kubernetes-incubator or kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
size/S
There was a problem hiding this comment.
/ok-to-test
yaml looks fine, but I don't understand the consequences of this. Needs research.
/assign @jberkhahn @jboyd01
charts/catalog/Chart.yaml
Outdated
| @@ -1,3 +1,3 @@ | |||
| name: catalog | |||
| description: service-catalog API server and controller-manager helm chart | |||
| version: 0.1.42 | |||
| version: 0.1.43 | |||
There was a problem hiding this comment.
Don't do this.
@jberkhahn will change this on next release.
There was a problem hiding this comment.
yeah, this is a value that is incremented when we cut releases so the helm chart points at the right image. This will break the helm chart if you do it before we release 0.1.43
There was a problem hiding this comment.
@jberkhahn Do you want I set the version to 0.1.42 again ?
I do want you want about that
There was a problem hiding this comment.
I reset it manually ;-)
k8s-ci-robot
added
the
ok-to-test
k8s-ci-robot
removed
the
needs-ok-to-test
go back to previous version as requested by reviewer
|
/retest |
1 similar comment
|
/retest |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jberkhahn The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
* Update Chart.yaml * Update apiserver-deployment.yaml * Update controller-manager-deployment.yaml * Update values.yaml * Update Chart.yaml go back to previous version as requested by reviewer
This PR is a
What this PR does / why we need it:
This PR add the opportunity to set a securityContext to be able to run serviceCatalog on a K8S with PodSecurityContext set as RunAsNonRoot
If you don't setup securityContext each deployment is staled with this :
(see previous PR: #2545)
I do it again due to bad rebase
/assign kibbles-n-bytes
@jberkhahn rebase done
@kibbles-n-bytes @pmorie
Please leave this checklist in the PR comment so that maintainers can ensure a good PR.
Merge Checklist:
breaking the chart release and existing clients who provide a
flag that will get an error when they try to update